X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssuranceForm.java;h=cf60f75bc0eb8cc7ed322aeed13cfd3d5f03e476;hb=a398544a86bdffe288ded209d9cc6b19df199964;hp=3df399426afb2411fd15b3e4fd8e3e1375e8773a;hpb=e409ba881965634f63f0b67824bc93dda4ec4327;p=gigi.git diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java index 3df39942..cf60f75b 100644 --- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java +++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java @@ -1,35 +1,61 @@ package org.cacert.gigi.pages.wot; +import java.io.IOException; import java.io.PrintWriter; -import java.sql.SQLException; -import java.text.ParseException; +import java.net.URLEncoder; import java.text.SimpleDateFormat; -import java.util.Date; import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; import java.util.Map; import javax.servlet.http.HttpServletRequest; +import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Assurance.AssuranceType; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; +import org.cacert.gigi.email.Sendmail; import org.cacert.gigi.localisation.Language; -import org.cacert.gigi.output.Form; +import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.pages.PasswordResetPage; +import org.cacert.gigi.util.DayDate; import org.cacert.gigi.util.Notary; -import org.cacert.gigi.util.Notary.AssuranceResult; +import org.cacert.gigi.util.RandomToken; +import org.cacert.gigi.util.ServerConstants; public class AssuranceForm extends Form { private User assuree; + private Name assureeName; + + private DayDate dob; + + private String location = ""; + + private String date = ""; + + private String aword; + + private User assurer; + + private AssuranceType type = AssuranceType.FACE_TO_FACE; + private static final Template templ; static { templ = new Template(AssuranceForm.class.getResource("AssuranceForm.templ")); } - public AssuranceForm(HttpServletRequest hsr, int assuree) { + public AssuranceForm(HttpServletRequest hsr, User assuree) { super(hsr); - this.assuree = new User(assuree); + assurer = Page.getUser(hsr); + this.assuree = assuree; + assureeName = this.assuree.getName(); + dob = this.assuree.getDoB(); } SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); @@ -42,56 +68,111 @@ public class AssuranceForm extends Form { res.putAll(vars); res.put("nameExplicit", assuree.getName()); res.put("name", assuree.getName().toString()); - try { - res.put("maxpoints", assuree.getMaxAssurePoints()); - } catch (SQLException e) { - e.printStackTrace(); + res.put("maxpoints", assurer.getMaxAssurePoints()); + res.put("dob", sdf.format(assuree.getDoB().toDate())); + res.put("dobFmt2", sdf2.format(assuree.getDoB().toDate())); + res.put("location", location); + res.put("date", date); + res.put("aword", aword); + final LinkedList ats = new LinkedList<>(); + for (AssuranceType at : AssuranceType.values()) { + try { + Notary.may(assurer, assuree, at); + ats.add(at); + } catch (GigiApiException e) { + } } - res.put("dob", sdf.format(assuree.getDob())); - res.put("dobFmt2", sdf2.format(assuree.getDob())); + res.put("ats", new IterableDataset() { + + Iterator t = ats.iterator(); + + @Override + public boolean next(Language l, Map vars) { + if ( !t.hasNext()) { + return false; + } + AssuranceType t1 = t.next(); + vars.put("type", t1.getDescription()); + vars.put("id", t1.toString()); + vars.put("sel", t1 == type ? " selected" : ""); + return true; + } + }); templ.output(out, l, res); } @Override public boolean submit(PrintWriter out, HttpServletRequest req) { - if ( !"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules")) || !"1".equals(req.getParameter("CCAAgreed")) || !"1".equals(req.getParameter("assertion"))) { - outputError(out, req, "You failed to check all boxes to validate" + " your adherence to the rules and policies of CAcert"); + location = req.getParameter("location"); + date = req.getParameter("date"); + if (date == null || location == null) { + outputError(out, req, "You need to enter location and date!"); + } + if ( !"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules")) || !"1".equals(req.getParameter("tos_agree")) || !"1".equals(req.getParameter("assertion"))) { + outputError(out, req, "You failed to check all boxes to validate" + " your adherence to the rules and policies of SomeCA"); } - if (req.getParameter("date") == null || req.getParameter("date").equals("")) { - outputError(out, req, "You must enter the date when you met the assuree."); + if ("1".equals(req.getParameter("passwordReset"))) { + aword = req.getParameter("passwordResetValue"); + if ("".equals(aword)) { + aword = null; + } } else { + aword = null; + } + String val = req.getParameter("assuranceType"); + if (val != null) { try { - Date d = sdf.parse(req.getParameter("date")); - if (d.getTime() > System.currentTimeMillis()) { - outputError(out, req, "You must not enter a date in the future."); - } - } catch (ParseException e) { - outputError(out, req, "You must enter the date in this format: YYYY-MM-DD."); + type = AssuranceType.valueOf(val); + } catch (IllegalArgumentException e) { + outputError(out, req, "Assurance Type wrong."); } } - // check location, min 3 characters - if (req.getParameter("location") == null || req.getParameter("location").equals("")) { - outputError(out, req, "You failed to enter a location of your meeting."); - } else if (req.getParameter("location").length() <= 2) { - outputError(out, req, "You must enter a location with at least 3 characters eg town and country."); - } - // TODO checkPoints + + int pointsI = 0; String points = req.getParameter("points"); if (points == null || "".equals(points)) { outputError(out, req, "For an assurance, you need to enter points."); + } else { + try { + pointsI = Integer.parseInt(points); + } catch (NumberFormatException e) { + outputError(out, req, "The points entered were not a number."); + } } + if (isFailed(out)) { return false; } try { - AssuranceResult success = Notary.assure(Page.getUser(req), assuree, Integer.parseInt(req.getParameter("points")), req.getParameter("location"), req.getParameter("date")); - if (success != AssuranceResult.ASSURANCE_SUCCEDED) { - outputError(out, req, success.getMessage()); + Notary.assure(assurer, assuree, assureeName, dob, pointsI, location, req.getParameter("date"), type); + if (aword != null && !aword.equals("")) { + String systemToken = RandomToken.generateToken(32); + int id = assuree.generatePasswordResetTicket(Page.getUser(req), systemToken, aword); + try { + Language l = Language.getInstance(assuree.getPreferredLocale()); + StringBuffer body = new StringBuffer(); + body.append(l.getTranslation("Hi,") + "\n\n"); + body.append(l.getTranslation("A password reset was triggered. If you did a password reset by assurance, please enter your secret password using this form:")); + body.append("\n\nhttps://"); + body.append(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH); + body.append("?id="); + body.append(id); + body.append("&token="); + body.append(URLEncoder.encode(systemToken, "UTF-8")); + body.append("\n"); + body.append("\n"); + body.append(l.getTranslation("Best regards")); + body.append("\n"); + body.append(l.getTranslation("SomeCA.org Support!")); + Sendmail.getInstance().sendmail(assuree.getEmail(), "[SomeCA.org] " + l.getTranslation("Password reset by assurance"), body.toString(), "support@cacert.org", null, null, null, null, false); + } catch (IOException e) { + e.printStackTrace(); + } } - return success == AssuranceResult.ASSURANCE_SUCCEDED; - } catch (SQLException e) { - e.printStackTrace(); + return true; + } catch (GigiApiException e) { + e.format(out, Page.getLanguage(req)); } return false;